upstream/knot-dns
1
0
Fork 0
mirror of https://gitlab.nic.cz/knot/knot-dns.git synced 2026-05-12 17:24:48 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
16169 commits 154 branches 210 tags 60 MiB
Commit graph

945 commits

Author SHA1 Message Date
Libor Peltan
1798161e87 test/semcheck: dont use SHA1 for DS anymore 2020-11-03 10:41:46 +01:00
Libor Peltan
7bca3032ca kzonecheck: clarify if the dnssec-checks shall be done 2020-10-26 11:54:56 +01:00
Daniel Salzman
95ed84959a Merge branch 'test_semcheck_algo7' into 'master' 
tests: semcheck avoid obsolete algorithm in some test cases

See merge request knot/knot-dns!1193
 2020-10-09 14:49:09 +02:00
Libor Peltan
7a166f528e kzonecheck: option to skip DNSSEC checks 2020-10-09 14:35:41 +02:00
Libor Peltan
9fa7b39ddf tests: semcheck avoid obsolete algorithm in some test cases 
this does not fix the tests completely
it just makes the tests pass on new gnutls
which denies any old algorithms whatsoever
 2020-10-08 20:45:35 +02:00
Simon South
4144d1e9b7 test_net_shortwrite: ensure connection can succeed 
closes #693
 2020-10-01 10:31:25 +02:00
Daniel Salzman
69c7a80965 tests: fix possible NULL pointer dereference (Clang analyzer) 2020-09-07 15:18:13 +02:00
Jan Hak
f0027b2a58 test_rdataset: Comparsion of null reference fix (Clang analyzer) 2020-09-07 14:24:25 +02:00
David Vašek
8030db8738 tests/requestor: repair broken test on FreeBSD 
Both KNOT_ECONN and KNOT_ECONNREFUSED are acceptable on BSD's.

This fix compensates for a change introduced in the commit
83e07d9262.
 2020-08-27 15:31:57 +02:00
Libor Peltan
03029bcbfe dnssec: enable speedup of rrsig validation by deterministic ECDSA 2020-08-26 11:10:02 +02:00
Libor Peltan
7803589738 dnssec: implemented DSA deterministic signing 2020-08-26 10:48:47 +02:00
Daniel Salzman
b9d1579bc2 libdnssec: rename dnssec_keystore_export() to dnssec_keystore_get_private() 2020-08-25 21:52:30 +02:00
Daniel Salzman
e3135f244b tests: fix test_confio after zone config schema extension 2020-08-11 15:28:42 +02:00
Libor Peltan
b8fe253f62 implemented dnssec validation of updates 2020-08-03 16:08:28 +02:00
Daniel Salzman
1653d12323 tests/conf: fix clang-analyzer warning 'Dereference of null pointer' 2020-07-19 19:46:45 +02:00
Jan Hak
53642ae50c contrib: add base64url encoder and decoder 2020-07-01 20:33:00 +02:00
Libor Peltan
9adc992cd7 conf: allow configuring acl with a remote 2020-06-03 09:22:37 +02:00
Libor Peltan
8dc81831ef implemented parallel adjusting 2020-05-26 19:28:13 +02:00
Libor Peltan
5d0aa029ae kjournalprint: open LMDB completely RDONLY 2020-05-01 14:56:40 +02:00
Libor Peltan
14655e4e3a xdp: listen on configured ifaces with workers=RXqueues 2020-04-21 18:43:10 +02:00
Daniel Salzman
374eeaba5d conf: add 'server.listen-xdp' option + allow port specification for UNIX sockets 2020-04-21 18:43:10 +02:00
Libor Peltan
bc758178f1 xdp: conditional compilation of xdp support 2020-04-21 18:43:10 +02:00
Libor Peltan
56402f545e xdp: configurable by config file 2020-04-21 18:43:10 +02:00
Libor Peltan
0621f5fc37 bugfix: journal orphan purge not working due to concurrent RO txns 2020-04-16 15:06:37 +02:00
Libor Peltan
f776d47689 nsec3: bugfix: fix previous - effectivness and nicer code 2020-04-15 13:12:29 +02:00
Libor Peltan
bbc22036c8 nsec3: bugfix: empty-non-terminal above unchanged deleg has NSEC3: 
this happens when an incremental update removes a record from
a node, which becomes empty-non-terminal, and there is a
delegation below the node. In this situation, NSEC3 record
for this empty-non-terminal was created, which is not against
RFCs, but inconsistent with general Knot behaviour.
The fix always iterates to a subtree of empty-non-terminal
with mark_empty on incremental update.
 2020-04-13 20:06:20 +02:00
Daniel Salzman
0c869e9a21 contrib: allow sockaddr_cmp() to ignore port if needed 2020-04-03 12:47:16 +02:00
Daniel Salzman
b89cfd695e base32hex: use knot namespace for base32hex functions 2020-02-10 09:38:03 +01:00
Daniel Salzman
f29d7eaf48 base64: fix parameter alignment, update copyright 2020-02-10 09:31:11 +01:00
Emmanuel Bretelle
dec9caa2c0 base64: use knot namespace for base64 functions 
both knot and gnutls (at least until [3.4](https://gitlab.com/gnutls/gnutls/-/blob/gnutls_3_4_x/gl/base64.c)) define they own base64_{en,de}code{_alloc}.

When linking with ODR violation detection, it fails with:
```
ld.lld: error: duplicate symbol: base64_encode
stderr: ld.lld: error: duplicate symbol: base64_encode
```

This diff put the base64* functions under `knot_` namespace to avoid the
conflict.
 2020-02-10 09:31:03 +01:00
Daniel Salzman
6c43ed59ae conf: allow non-fqdn names in 'update-owner-name' configuration 2020-01-10 20:38:48 +01:00
Daniel Salzman
356310126e server: abort possible open zone transaction when shutdown 2019-12-07 21:03:18 +01:00
Libor Peltan
ef12cf45ce function not necessary 2019-12-06 11:30:29 +01:00
Libor Peltan
935ad84329 removed unnecessary code: ... 
...also it probably worked wrong with NSEC3 nodes
 2019-12-06 11:28:58 +01:00
Libor Peltan
75632433db load/double changeset: proper check of zone-in-journal non-existence 
...the previous did not work with old_contents_exists
 2019-11-21 15:43:32 +01:00
Daniel Salzman
2f4f88d4f3 tests: mute Clang 8 warnings 2019-11-05 20:27:33 +01:00
Daniel Salzman
3978e66033 zone-update: remove redundant memory context 2019-10-25 14:33:30 +02:00
Daniel Salzman
efbaae2d6f conf: rename 'max*_udp_payload' 'udp_max*_payload' 2019-10-08 14:28:48 +02:00
Daniel Salzman
25b0eca9d2 conf: rename 'server.max-tcp-clients' 'server.tcp-max-clients' 2019-10-08 14:04:32 +02:00
Daniel Salzman
880648f445 tests: mute some Coverity warnings 2019-10-06 11:11:01 +02:00
Daniel Salzman
5713358589 Unify character array initialization 2019-10-05 21:59:13 +02:00
Daniel Salzman
f9a87c22c3 contrib: replace 'struct sockaddr' with 'struct sockaddr_storage' where reasonable 2019-10-05 21:59:13 +02:00
David Vašek
36d32c2893 conf, server: add server.tcp-reuseport configuration option 2019-10-04 18:47:32 +02:00
Daniel Salzman
b9860c95af debian: update copyright 2019-09-30 21:48:46 +02:00
Daniel Salzman
edfbb50d62 libknot: update DNS Cookies implementation 
To conform to https://tools.ietf.org/html/draft-sury-toorop-dns-cookies-algorithms-00,
with siphash24 as the only available algorithm.

Initial work was done by Witold Kręcicki <wpk@culm.net>
 2019-09-26 20:43:35 +02:00
Daniel Salzman
73174b723a conf: replace tcp-[query|reply]-timeout and tcp-[io|remote-io]-timeout + improved doc 2019-09-24 21:30:21 +02:00
Daniel Salzman
fbb7f7c497 Various fixes for clang analyzer issues 2019-09-13 16:02:36 +02:00
Daniel Salzman
459a1d30bd conf: remove request-edns-option option 2019-09-12 14:18:18 +02:00
Daniel Salzman
09aa70e3b3 Use knot_dname_storage_t where suitable 2019-09-12 14:11:52 +02:00
Daniel Salzman
0a04fd28ef Introduce and use knot_dname_txt_storage_t where suitable 2019-09-12 14:11:46 +02:00